Cyber Security News

New Dark Web Market OLVX Advertising Variety of Hacking Tools

Threat actors exploit underground markets by purchasing or selling stolen data, malware, and hacking tools to facilitate cybercrime. 

These underground markets provide the following key facilities among threat actors that fuel the growth of cyber threats:-

  • Anonymity
  • Enabling illegal transactions
  • Enabling illegal collaboration

Cybersecurity researchers at Zerofox recently discovered a new underground market dubbed, OLVX (olvx[.]cc) found to be advertising a wide variety of hacking tools for illicit activities.

OLVX homepage (Source – Zerofox)

New Underground Market OLVX

OLVX launched on July 1, 2023, and since then, it has offered several illicit tools and services to threat actors.

Unlike other markets, OLVX concentrates on aiding cybercriminals with tools for data theft during the 2023 holiday retail rush.

ZeroFox found a significant spike in OLVX marketplace activity in fall 2023, where more items sold, and buyers rushed to a new store. 

Investigation reveals OLVX stems from leaked OLUX code (2020/2021). Though OLUX code is outdated, post-leak stores use improved versions. OLVX hides on Cloudflare for web hosting and better accessibility.

OLVX, not on the dark web, uses SEO and forums for customer growth. Prioritizing service, it operates a Telegram channel for support. Strong customer relationships boost OLVX’s reputation and profits. 

Admins partner with cybercriminals for custom toolkits, expanding offerings. Unlike others, OLVX skips escrow and opts for direct crypto payments. 

Customers maintain a balance for transactions, increasing sales, and besides this, “Top-off” instructions are given via a time-limited crypto address when funds run low.

Items Sold on OLVX

Here below, we have mentioned all the items that were sold on the OLVX underground marketplace:-

  • Shells
  • cPanels
  • Remote Desktop Protocol (RDP)
  • Secure Shell (SSH) Access
  • SMTP Accounts and Mailers
  • Webmail Accounts
  • Leads
  • Combo Lists
  • Accounts
  • Phish Kits (Scampages)

OLVX hides hosting with Cloudflare and advertises DDoS protection via Simple Carrier LLC, which is known for sketchy content hosting.

OLVX and similar marketplaces thrive as cybercriminal hubs during the holiday season, supplying tools for targeting campaigns. 

As consumers shop, cyber threats escalate, with OLVX providing essential tools for criminals, making it the ‘most wonderful time of the year’ for illicit activities.

Tushar Subhra Dutta

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

LATRODECTUS Loader Getting Popular Among Cybercriminals, Is It Replacing ICEDID!

Hackers use loaders to bypass security measures and run harmful code in a genuine process's…

37 mins ago

30+ Tesla Cars Hacked Using Third-Party Software

A security researcher identified a vulnerability in TeslaLogger, a third-party software used to collect data…

1 day ago

How to Use Threat Intelligence Feeds for SOC/DFIR Teams

Threat intelligence feeds provide real-time updates on indicators of compromise (IOCs), such as malicious IPs…

1 day ago

YARA-X, The Malware Researchers Toolbox Evolved

Malware experts all over the world can't do their jobs without YARA. YARA has been…

2 days ago

SugarGh0st RAT Attacking Organizations & Individuals in AI Research

The cybersecurity company Proofpoint has found a new operation using the SugarGh0st Remote Access Trojan…

2 days ago

New Cyber Attack Targeting Facebook Business Accounts

The email campaign impersonates the Facebook Ads Team to trick users into clicking a malicious…

2 days ago